This Privacy Policy applies if you reside in the European Economic Area (EEA), Switzerland, or UK.
We at Arti Education respect your privacy and are strongly committed to keeping secure any information we obtain from you or about you.
This Privacy Policy describes our practices with respect to Personal Data we collect from or about you when you use our website, training platform, client platform, and services (collectively, “Services”).
This Privacy Policy does not apply if you are an employee or contractor of Arti Education, a separate privacy notice applies to you.
Data Controller
If you live in the United Kingdom, European Economic Area (EEA) or Switzerland, Arti Education Ltd, England, is the controller and is responsible for the processing of your Personal Data as described in this Privacy Policy.
Arti Education (‘Arti”, ‘we”, ‘us”, or ‘our”) is an AI-powered compliance training service that provides personalised learning experiences.
Our details:
Organisation name: Arti Education Limited
Registered office: 33 Montpelier Square, SW7 1JY
ICO Data Protection Register number: ZC015772
Company number: 16739217
Contact email: contact@arti-edu.com
Data Subject Access Request email: dsar@arti-edu.com
Website: www.arti-edu.com
Data Protection Lead: Cyril Estier
For further questions about how we handle your personal data, please contact us at contact@arti-edu.com.
What Data Do We Collect
In the normal course of our business, we collect personal data relating to you (“Personal Data”) as described below. We attempt to minimise the data we collect, and minimise the risk of identification.
Personal Data You Provide
Account Identifiers – When you create an account with us, we collect information associated with your account including your work email address and associated organisation.
User Content – When you interact with our training, we collect your messages, inputs to our AI training system, and feedback you give us.
Entry Information – At the start of training, you provide basic information such as pseudonym or username, age range, broad role, gender and may ask for optional additional questions to personalise content.
Contact Information – If you contact us (by phone, email, or through the Website) we may keep a record of that correspondence for two years. We will not use it for marketing purposes.
Important: Our training addresses sensitive topics such as bullying, harassment and sexual misconduct. You may choose to disclose sensitive personal information (special category data) during conversations, such as information about your sexual orientation, political opinions, religious affiliations, health, or personal experiences. We do not request or require this information.
Personal Data We Receive Automatically From Your Use of the Services
Log data – Training completion status, time spent, training progress, certificates, the date and time of your requests, and how you interact with our Services.
Usage Data – Information about your use of the Services, such as the types of content that you view or engage with, the features you use and the actions you take.
Personal Data We Receive Automatically From Your Visit of our Website
Cookies as described in our cookies privacy notice.
How We Use Your Personal Data
We may use Personal Data for the following purposes:
To provide and maintain our Services;
To improve and develop our Services and new features and conduct internal research;
For Clients, to communicate with you, including to send you information or marketing about our Services and events;
To prevent fraud, criminal activity, or misuses of our Services, and to protect the security of our systems and Services; and
To comply with legal obligations and to protect the rights, privacy, safety, or property of our users, us, our affiliates, or any third party.
We may also disclose your Personal Data in the following circumstances:
Client Organisation: We may share aggregated information like general user statistics with your organisation through a secure channel only if it does not risk re-identification.
Service Providers: We may disclose Personal Data to service providers including AI API providers, hosting, cloud, analytics, or communication services, acting under our instruction.
Government Authorities or Other Third Parties: To comply with law or defend rights.
Business Transfers: In the event of mergers, acquisitions, or reorganisations.
Legal Bases for Processing
Retention Periods
You can request deletion of your personal data at any time by contacting dsar@arti-edu.com.
International Data Transfers
Some service providers are outside the UK/EEA. We ensure protection by:
Standard Contractual Clauses (SCCs)
International Data Transfer Agreements (IDTA)
Contractual commitments to UK GDPR standards
Safeguards
Aggregated or de-identified data is used for analysis and improvement only. We do not re-identify users.
Sub-processors bound by Data Processing Agreements.
SCCs or IDTAs for international transfers.
Regular due diligence on sub-processors.
Your Rights
Under UK data protection law, you have rights to be informed, access, rectification, erasure, restriction, portability, and objection.
You may object to our use of your data for AI model improvement. We do not perform automated decision-making or profiling.
To exercise any rights:
Email: contact@arti-edu.com
Post: 33 Montpelier Square, SW7 1JY
Responses within one month. No fee unless unfounded or excessive.
Our Commitment as External Provider
Arti is external to your institution’s systems.
We do not monitor or report your conversations.
Your institution receives only completion status and anonymised data.
Changes to this Notice
We may update this privacy notice periodically. Updates are posted on our website.
Contact Us
Data Protection Lead: Cyril Estier
Email: contact@arti-edu.com
Post: 33 Montpelier Square, SW7 1JY
ICO Complaint
If you are unhappy with our handling of your data, contact the Information Commissioner’s Office (ICO):
Website: ico.org.uk
Telephone: 0303 123 1113
Post: Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF.
